Sciencemadness Discussion Board
Not logged in [Login ]
Go To Bottom

Printable Version  
 Pages:  1  ..  3    5  
Author: Subject: Oh yeah, no reason to be paranoid...
franklyn
International Hazard
*****




Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 18-2-2015 at 03:36


http://www.rutherford.org/publications_resources/john_whiteh...
View user's profile View All Posts By User
Zombie
Forum Hillbilly
*****




Posts: 1700
Registered: 13-1-2015
Location: Florida PanHandle
Member Is Offline

Mood: I just don't know...

[*] posted on 18-2-2015 at 15:01


They have us by the short ones. I agree but what can you do to change or stop it?

I just live my life, inform people that wish to listen, and wear my titanium body suit 24 / 7. (tin foil hats can be tracked now too...)

Just sayin'




They tried to have me "put to sleep" so I came back to return the favor.
Zom.
View user's profile View All Posts By User
franklyn
International Hazard
*****




Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 21-2-2015 at 14:28


http://www.slate.com/blogs/future_tense/2015/02/18/equation_...
View user's profile View All Posts By User
aga
Forum Drunkard
*****




Posts: 7030
Registered: 25-3-2014
Member Is Offline


[*] posted on 21-2-2015 at 14:36


It's seriously Worse than you may imagine.

The best thing is to kind of realise the facts, make plans, prepare, then carry on regardless.

Fact is that You are unaffected, yet.




View user's profile View All Posts By User
Chemosynthesis
International Hazard
*****




Posts: 1071
Registered: 26-9-2013
Member Is Offline

Mood: No Mood

[*] posted on 21-2-2015 at 15:59


http://www.eweek.com/security/linux-lands-on-nsa-watch-list....
That been posted yet?
View user's profile View All Posts By User
Zombie
Forum Hillbilly
*****




Posts: 1700
Registered: 13-1-2015
Location: Florida PanHandle
Member Is Offline

Mood: I just don't know...

[*] posted on 21-2-2015 at 16:16


Quote: Originally posted by franklyn  
http://www.slate.com/blogs/future_tense/2015/02/18/equation_...



Bert posted a pretty comprehensive article on this story in the VPN thread.
Many people just have no clue how many "hand shakes your internet device makes in an hour, never mind any time span longer than that. It takes a millisecond for the damage to occur.

I really have no idea how many drive I have either repaired / cleaned / or tossed out due to malware.

Here's a quick story... There's a widow that lives a few houses down. We started talking, and she told me about her "site". Harmony dot com.

She met a guy (look this up) James Stewart!!!

It's a west African scam that has been and, still is bilking millions out of new widows, and dating sites.
I found the info, and informed her. She then tells me she has sent him $20,000.00!!!!!!! in the past year.
I started to dig thu her PC, and low, and behold the cursor begins deleting files almost as fast as I can dig them up.

The F@CKING WEB CAM IS ACTIVE!

She even sent a scan of her passport. That was so a courier could ID her to deliver 3.5 million in gold bullion that Staff Sgt. Stewart received for finding a Iraqi Princes son, that was kidnapped.

That little beauty only cost her ten grand in transportation fees due to the extreme weight.

I guess the courier took a left in New Jersey when he should have made a right... Shes STILL waiting for this gold to show up, and requested I leave her computer the way it is so I don't screw it up on her.

Good luck folks!





They tried to have me "put to sleep" so I came back to return the favor.
Zom.
View user's profile View All Posts By User
Zombie
Forum Hillbilly
*****




Posts: 1700
Registered: 13-1-2015
Location: Florida PanHandle
Member Is Offline

Mood: I just don't know...

[*] posted on 21-2-2015 at 16:27


Quote: Originally posted by Chemosynthesis  
http://www.eweek.com/security/linux-lands-on-nsa-watch-list....
That been posted yet?


That article is a little off in the details but the jist is correct.

Tor dropped Polipo (onion router) more than a year ago because of that issue.
They switched to a built in / no bail, relay node system.

It's not fail safe but the shear numbers make it undecipherable.
The "hype" is to scare users off the network solely because it is the numbers that make it work. Big Bro has the mass media, and all we have is each other. JFK ring any bells?

Tails network is a whole 'nuther ball of wax. Unless you encrypt yourself, and use an alias... you are wide freekin open. Only your PC is clean. Not your traffic.

The smart play is to run Wipe, and Nuke on a parallel band. Anyone trying to read your data will be shut down by their own security OR their drive will wipe, and delete the very code that makes it run. No recovering from it.

Least that's what I hear.;)

[Edited on 2-22-2015 by Zombie]




They tried to have me "put to sleep" so I came back to return the favor.
Zom.
View user's profile View All Posts By User
franklyn
International Hazard
*****




Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 23-2-2015 at 00:33


http://www.wired.com/2015/02/nsa-firmware-hacking

I had addressed the following here _
http://www.sciencemadness.org/talk/viewthread.php?tid=19386&...
Hiding Data in Hard-Drive’s Service Areas
http://www.recover.co.il/SA-cover/SA-cover.pdf

http://cryptome.org/2014/05/nsa-customs.htm

http://www.wired.com/2015/02/kapersky-discovers-equation-gro...

http://securelist.com/blog/research/68750/equation-the-death...
http://25zbkz3k00wn2tp5092n6di7b5k.wpengine.netdna-cdn.com/f...

http://www.spiegel.de/media/media-35661.pdf

_______________________________________


As Charlie Brown would say - Arrrgh !

http://www.pcworld.com/article/2887392/lenovo-hit-with-lawsu...

http://www.cnet.com/news/superfish-torments-lenovo-owners-wi...

Check if you have this and maybe others
https://filippo.io/Badfish

.
View user's profile View All Posts By User
Sulaiman
International Hazard
*****




Posts: 3692
Registered: 8-2-2015
Location: 3rd rock from the sun
Member Is Offline


[*] posted on 23-2-2015 at 02:13


due to the post above I just ran the superfish removal tool

SHIIIT !!!

my Lenovo was infected.



Thanks for the heads up guys.
View user's profile View All Posts By User
Zombie
Forum Hillbilly
*****




Posts: 1700
Registered: 13-1-2015
Location: Florida PanHandle
Member Is Offline

Mood: I just don't know...

[*] posted on 23-2-2015 at 02:22


It all comes back yo Uncle Bill!

Have you all seen the "System Reserved" partition? The "new" boot sector?

That is exactly what all those articles are referring to. Hidden partitions.

When Win. 10 is released all support for previous versions will be dropped. All of it. We are then 100% in pocket, and ready to go on Their on line world.

For now??? Copy your boot sector or make a new boot cd. Put that copy on "C" drive WHERE IT BELONGS, and delete Uncle Bills "system reserved" partition.
Use Paragon or whatever to wipe, and you can now re partition to gain that space, and prevent hidden partition attacks.

It's a brave new world... "order".




They tried to have me "put to sleep" so I came back to return the favor.
Zom.
View user's profile View All Posts By User
franklyn
International Hazard
*****




Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 24-2-2015 at 08:17


http://www.theglobeandmail.com/news/world/russian-researcher...
View user's profile View All Posts By User
Zombie
Forum Hillbilly
*****




Posts: 1700
Registered: 13-1-2015
Location: Florida PanHandle
Member Is Offline

Mood: I just don't know...

[*] posted on 24-2-2015 at 11:49


That is the first time I saw the complete list of hard drives.

The only use NSA would ever have for the majority of computers on the "net" would be to use them as "zombies" to launch a massive viral attack either at specific targets or entire countries.

For the most part all of this is no real concern to individuals.

It is the same as what they did with the Suxhnet virus, it's just a stronger back bone now. We can't readily remove their code.




They tried to have me "put to sleep" so I came back to return the favor.
Zom.
View user's profile View All Posts By User
aga
Forum Drunkard
*****




Posts: 7030
Registered: 25-3-2014
Member Is Offline


[*] posted on 24-2-2015 at 13:37


Just dump Windoze and install Linux.

If you can learn C, you can read the entire source code, even compile your own OS and use that instead of the spoon fed garbage M$ peddles.




View user's profile View All Posts By User
Zombie
Forum Hillbilly
*****




Posts: 1700
Registered: 13-1-2015
Location: Florida PanHandle
Member Is Offline

Mood: I just don't know...

[*] posted on 24-2-2015 at 15:04


I'm a champ at understanding what software I need for a purpose but I forgot everything I ever learned about code when compilers came out.

Linux always felt sort of "flat" to me. I like all the shiny things that get windows users in trouble. It gives me something else to do. Fix the Damn computer...




They tried to have me "put to sleep" so I came back to return the favor.
Zom.
View user's profile View All Posts By User
Oscilllator
National Hazard
****




Posts: 659
Registered: 8-10-2012
Location: The aqueous layer
Member Is Offline

Mood: No Mood

[*] posted on 24-2-2015 at 22:16


Quote: Originally posted by aga  
Just dump Windoze and install Linux.

If you can learn C, you can read the entire source code, even compile your own OS and use that instead of the spoon fed garbage M$ peddles.

I've been thinking about doing this, but since many of the applications I use are only available for windows I think it probably wouldn't be worth it since I would spend all my time using a windows emulator. What reasons would you give for using a linux over a windows machine?
View user's profile View All Posts By User
Zombie
Forum Hillbilly
*****




Posts: 1700
Registered: 13-1-2015
Location: Florida PanHandle
Member Is Offline

Mood: I just don't know...

[*] posted on 25-2-2015 at 02:36


The bigest reason is everything runs in ram or a "virtual environment"

That alone prevents most nasties from ever gaining access to your hard drive.

Quote:

"LINUX IS LESS VULNERABLE TO COMPUTER MALWARE!

Because most computer malware are designed to attack Windows (often through Active X which is not typically found in Linux) the odds are considerably less for Linux to be infected with a virus than Windows [2]. The same holds true with spyware, trojans, and worms. While Linux malware does exist, they are relatively few in number and none have become widespread so far [3]. While Linux is very secure by its nature, users should still employ good sense while surfing the Internet; click here to learn more [4]. As long as Linux users download and install only from their distro’s official software repository, then security is greatly increased. One nice security feature In Linux is that files must be made to be executable by someone with administrator privileges, which requires a password. So even if a Linux virus is loaded on a Linux computer, it will not be able to run without the user who has administrator privileges intentionally making it executable. Another important aspect of Linux security is the fact that it is open source. Because the programing code is available for anyone to view, there are many eyes constantly examining it, which makes it highly difficult for malware to be hidden within the code [5]. Also, security patches normally come much quicker to Linux than other operating systems because so many people are contributing to it. Here are some resources with more information about Linux security and why Linux computers are much less likely than Windows to ever become infected with a virus:"

https://renewablepcs.wordpress.com/about-linux/advantages-of...


There are a few more links in the article




They tried to have me "put to sleep" so I came back to return the favor.
Zom.
View user's profile View All Posts By User
Loptr
International Hazard
*****




Posts: 1348
Registered: 20-5-2014
Location: USA
Member Is Offline

Mood: Grateful

[*] posted on 25-2-2015 at 10:03


Quote: Originally posted by Zombie  
The bigest reason is everything runs in ram or a "virtual environment"

That alone prevents most nasties from ever gaining access to your hard drive.

Quote:

"LINUX IS LESS VULNERABLE TO COMPUTER MALWARE!

Because most computer malware are designed to attack Windows (often through Active X which is not typically found in Linux) the odds are considerably less for Linux to be infected with a virus than Windows [2]. The same holds true with spyware, trojans, and worms. While Linux malware does exist, they are relatively few in number and none have become widespread so far [3]. While Linux is very secure by its nature, users should still employ good sense while surfing the Internet; click here to learn more [4]. As long as Linux users download and install only from their distro’s official software repository, then security is greatly increased. One nice security feature In Linux is that files must be made to be executable by someone with administrator privileges, which requires a password. So even if a Linux virus is loaded on a Linux computer, it will not be able to run without the user who has administrator privileges intentionally making it executable. Another important aspect of Linux security is the fact that it is open source. Because the programing code is available for anyone to view, there are many eyes constantly examining it, which makes it highly difficult for malware to be hidden within the code [5]. Also, security patches normally come much quicker to Linux than other operating systems because so many people are contributing to it. Here are some resources with more information about Linux security and why Linux computers are much less likely than Windows to ever become infected with a virus:"

https://renewablepcs.wordpress.com/about-linux/advantages-of...


There are a few more links in the article


A vulnerability can pop up in Linux-based distribution just as easily as Windows. Linux, or rather the open-source world, does have a pretty good leg up when it comes to security, and that is because the source code is available for review by hackers, developers, and security-minded individuals alike. The more eyes on the source code you have, the less likely it is to start to get a mind of its own and start seeing bugs as features.

One thing that Windows has over Linux is the reduced surface area of attack when it comes to combinations of third party software packages installed. Every Linux distribution is made up of software from completely different groups that have completely different ways of managing the projects, not to mention different methods of review, testing, and quality control. In order for a Linux distribution to be completely secure (no system is completely, but hypothetically speaking), the groups developing each individual package must be diligent and keep their act straight, while Microsoft on the other hand, has to just keep themselves straight. Whether either of them actually accomplishes this in reality is a whole other issue, but the point being less required purview. (yes, Windows has a lot of third party software, a lot of them being drivers, but they don't make up the core system in my conceptual frame of reference.)

When a vulnerability does pop up, I would feel safer with a Linux-based distribution simply for the reason that there is such a wide variance in the makeup of each distribution. Sure, there is a lot in common between each distribution, but each package distributor has their own way of putting the system together than might help keep your system from being included in a broad brush stroke across multiple machines, such as needed file permissions or execute permissions being set, certain libraries and versions being installed, certain paths of installed libraries, etc. That is another thing, why does Microsoft allow any file to be executable? In Unix-derived systems, there is an execute flag that is needed to "execute" something, whether it be a shell script or an actual executable. A lot of Linux vulnerabilities have to be specifically targeted, which limits the exploit to a particular set of installations instead of potentially several generations of Windows. Linux is a patchwork of software, and one Linux isn't necessarily the same as another Linux, which I feel does provide some level of additional security, even if it is only security through obscurity. An example would be a vulnerability in the KDE windowing environment, which doesn't automatically imply the vulnerability also works under a Gnome environment--I know these are commonly installed alongside each other, but just a simple example. The point being they are different libraries that are linked against either at compile time or run-time, depending on the developer. (Another factor is how knowledgeable the developer is that wrote the exploit--if they are good enough, it won't make a difference.)

Now, if you want to talk about government and big brother, then you need to start worrying about the distribution channels of your hardware and software, especially now since computers have networking abilities even before you get the operating system installed. BIOS-based management over the network is a useful technology for Sys Admins, but it scares the crap out of me. I have personally seen instances where Chinese-manufactured chips were found to contain rootkits, which led to policy being implemented within certain circles where all open-source software must be compiled in house or by a trusted-party (me being one of them at the time), and all hardware vetted through trusted channels.

If it's digital, it's probably listening to you right now. I imagine the classified sigint collection technologies are way beyond anything we could think of in a day, and years ahead of anything publicly available now. The government tends to get everything from the source through policy, so any public service or utility can only be assumed to have something built-in to allow them observe AT LEAST SOMETHING.

Now go check out that ISP-provided modem/wireless router you have in your house. The only reason they decided to provide that service is ease of use for the end-user, right? ;-)

Coming from someone who has been developing software for 20 years and is in the "industry".

[Edited on 25-2-2015 by Loptr]

[Edited on 25-2-2015 by Loptr]
View user's profile View All Posts By User
aga
Forum Drunkard
*****




Posts: 7030
Registered: 25-3-2014
Member Is Offline


[*] posted on 1-3-2015 at 15:03


Quote: Originally posted by Loptr  
One thing that Windows has over Linux is the reduced surface area of attack when it comes to combinations of third party software packages installed.

I cannot agree with that at all.

Windows installations tend to come bundled with all sorts of Third Party garbage, on top of the M$ garbage, and users download and install all sorts of stupidity as well.

Most noteable recent gaff is the Lenovo Superfish abomination, sent out with each new Lenovo laptop : Idiocy in action.

M$ is terribly badly designed/written, yet makes Billions of $.

Fact is that it is so ubiquitous that those fatal flaws have been Spun into 'Reason To Upgrade' or 'Need to buy Support Package'.

Linux is also vulnerable, in that a Genius programmer can simply Read the code and See the vulnerabilities.

The advantage is that everyone can read the same code, and 10,000 less gifted programmers eventually see the same thing, and just 1 can fix it, and does, and for Free.




View user's profile View All Posts By User
Loptr
International Hazard
*****




Posts: 1348
Registered: 20-5-2014
Location: USA
Member Is Offline

Mood: Grateful

[*] posted on 2-3-2015 at 09:44


I agree with the perceived difference between Windows and Linux, but the fact of how many third party pieces of code are included in one over the other is not for debate. I don't even think I could get a solid number because I continue to see more every day. Also, it comes down to distribution channels like I also said. You can't compare Windows that I install myself vs a prebuilt image being pushed by Lenovo. They will have different packages installed. I am approaching this from a statistical perspective of how likely a bug is to show up given mismanagement and miscommunication amongst developers. Like I also said, in reality it can be quite different and is not the rule.

Also, it doesn't take a genius programmer to read Linux code. Just a pot of coffee, Excedrin, and a bit of a background of college-level Computer Science and operating systems development (elective for my degree). I have written several linux kernel modules, and I don't consider myself a genius in the least.

Don't mistake my stance on Windows vs Linux, as I am a Unix geek at heart, but have now been forced to work in a predominantly Windows environment. Also, as having seen the Windows source code and worked with some of the teams at Microsoft, I can say it is filled (or was at one point) with bug workaround to preserve behavior for some important applications that depended on the bugs behavior.

As for the design of Windows, I only speak up for the kernel, which I quite liked actually (very tidy and clean), while a lot of the subsystem code and user land libraries seemed all over the place (which I have seen a bit and is where I saw the bug preservation code).

Microsoft does have an ugly past, and that's not up for debate. However, since they have now forced themselves to work according to the Security Development Lifecycle, where security is an integral part of its development plans, they have been doing... better. Code review is king, so whether it is open-source or paid consultants, the more eyes on the code, the better.


[Edited on 2-3-2015 by Loptr]
View user's profile View All Posts By User
Loptr
International Hazard
*****




Posts: 1348
Registered: 20-5-2014
Location: USA
Member Is Offline

Mood: Grateful

[*] posted on 2-3-2015 at 09:52


Quote: Originally posted by aga  

I cannot agree with that at all.


The reduced surface area of attack specifically referred to the wide array of different packagers of the distributions, different packages and version, etc., etc.

There are more distributors and packagers of Linux than salt in the seas. (being facetious) And yes, this does open up discussion to Windows re-distributors, but there are still far more than Windows. Simply because it's cost money with Windows.

[Edited on 2-3-2015 by Loptr]

Quote: Originally posted by aga  
Fact is that it is so ubiquitous that those fatal flaws have been Spun into 'Reason To Upgrade' or 'Need to buy Support Package'.


Come on, that is a business model! ;)

[Edited on 2-3-2015 by Loptr]
View user's profile View All Posts By User
aga
Forum Drunkard
*****




Posts: 7030
Registered: 25-3-2014
Member Is Offline


[*] posted on 2-3-2015 at 11:17


Sadly Yes.

M$ have managed to spin 'Our Failure To Make a Good Product' into 'The Reason for Our Amazing Success'

In that respect, M$ is truly incredible.




View user's profile View All Posts By User
franklyn
International Hazard
*****




Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 19-5-2015 at 09:55


http://www.foxnews.com/politics/2015/05/18/senate-fight-loom...

http://irregulartimes.com/2015/03/08/heads-up-section-215-of...

http://www.reuters.com/article/2015/05/07/us-usa-security-ns...

http://www.zdnet.com/article/two-months-until-patriot-act-do...


https://www.congress.gov/bill/114th-congress/senate-bill/103...

https://www.congress.gov/bill/114th-congress/house-bill/1466

https://www.congress.gov/bill/114th-congress/house-bill/2048


Okay fella what's the idea of you traveling by train _
http://www.theatlantic.com/politics/archive/2015/05/how-the-...


.
View user's profile View All Posts By User
blogfast25
International Hazard
*****




Posts: 10562
Registered: 3-2-2008
Location: Neverland
Member Is Offline

Mood: No Mood

[*] posted on 19-5-2015 at 12:16


Quote: Originally posted by aga  
Sadly Yes.

M$ have managed to spin 'Our Failure To Make a Good Product' into 'The Reason for Our Amazing Success'

In that respect, M$ is truly incredible.


Another example of Incompetence turned into Gold is Google.

'Our Search Results are So Crappy that if You Want to Be on Page 1, You Have to Pay for it, in an Auction that Drives up the Cost per Click, You Suckers. And Then Very Stupid People Will Call Us 'Liberals' with A Smiley Face'. :mad:




View user's profile View All Posts By User
aga
Forum Drunkard
*****




Posts: 7030
Registered: 25-3-2014
Member Is Offline


[*] posted on 19-5-2015 at 12:23


All modern devices are incredibly complex.

The Sales hype tends to focus on the Core processor, by which the device is deemed 'powerful' etc.

Modern devices include several processors to handle tasks such as the Graphics, Hard drive control, even Power Management.

Each one is a processor, capable of executing instructions.

So long as it handles it's intended task, who is to say what Other instructions it is executing ?

The days of ROM or EPROM are long gone.
The technology today uses re-writeable permanent memory for storing the instructions for these processors, and these processors can write to that same permanent memory.

Frankly it is a crap-shoot as to whether your device does 100% what it was intended to do by it's manufacturer, let alone what you want it to focus on doing.

The manufacturer may never have intended it to do 100% what You the User wanted it to do ...

[Edited on 19-5-2015 by aga]




View user's profile View All Posts By User
franklyn
International Hazard
*****




Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 23-5-2015 at 09:13


http://www.vox.com/2015/5/23/8648463/nsa-scare-tactics
View user's profile View All Posts By User
 Pages:  1  ..  3    5  

  Go To Top